U.S. Department of Energy
Office of Scientific and Technical Information

Malicious Hubs: Detecting Abnormally Malicious Autonomous Systems

Conference · OSTI ID:974218

While many attacks are distributed across botnets, investigators and network operators have recently targeted malicious networks through high-profile autonomous system (AS) de-peerings and network shut-downs. In this paper, we explore whether some ASes indeed are safe havens for malicious activity. We look for ISPs and ASes that exhibit disproportionately high malicious behavior using 12 popular blacklists. We find that some ASes have over 80% of their routable IP address space blacklisted and others account for large fractions of blacklisted IPs. Overall, we conclude that examining malicious activity at the AS granularity can unearth networks with lax security or those that harbor cybercrime.

Research Organization: Oak Ridge National Laboratory (ORNL); Center for Computational Sciences
Sponsoring Organization: USDOE
DOE Contract Number: AC05-00OR22725
OSTI ID: 974218
Country of Publication: United States
Language: English

Similar Records

Abnormally Malicious Autonomous Systems and their Internet Connectivity
Journal Article · Fri Dec 31 23:00:00 EST 2010 · IEEE/ACM Transactions on Networking · OSTI ID:1022635

P2P-based botnets: structural analysis, monitoring, and mitigation
Conference · Mon Dec 31 23:00:00 EST 2007 · OSTI ID:956693

Spy the Lie: Detecting Malicious Insiders
Technical Report · Mon Mar 12 00:00:00 EDT 2018 · OSTI ID:1452870